[pkgsrc/pkgsrc-2005Q1]: pkgsrc/net/net-snmp Pullup ticket 513 - requested by ...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/pkgsrc-2005Q1]: pkgsrc/net/net-snmp Pullup ticket 513 - requested by ...
From: salo <salo%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 01:32:11 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/f7ba2c50b46a
branches:  pkgsrc-2005Q1
changeset: 491075:f7ba2c50b46a
user:      salo <salo%pkgsrc.org@localhost>
date:      Fri May 27 14:02:23 2005 +0000

description:
Pullup ticket 513 - requested by Matthias Scheler
security fix for net-snmp

Revisions pulled up:
- pkgsrc/net/net-snmp/Makefile          patched by hand
- pkgsrc/net/net-snmp/buildlink3.mk     patched by hand
- pkgsrc/net/net-snmp/distinfo          patched by hand
- pkgsrc/net/net-snmp/patches/patch-ab  1.5

   Module Name:         pkgsrc
   Committed By:        tron
   Date:                Wed May 25 13:49:10 UTC 2005

   Modified Files:
        pkgsrc/net/net-snmp: Makefile distinfo
   Added Files:
        pkgsrc/net/net-snmp/patches: patch-ab

   Log Message:
   Replace "fixproc" script with version from "net-snmp" CVS respository.
   This fixes the security problem documented in SA15471. Bump package
   revision because of this change.

diffstat:

 net/net-snmp/Makefile         |    4 +-
 net/net-snmp/buildlink3.mk    |    4 +-
 net/net-snmp/distinfo         |    3 +-
 net/net-snmp/patches/patch-ab |  180 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 186 insertions(+), 5 deletions(-)

diffs (230 lines):

diff -r 1ad128b086bc -r f7ba2c50b46a net/net-snmp/Makefile
--- a/net/net-snmp/Makefile     Fri May 27 13:41:22 2005 +0000
+++ b/net/net-snmp/Makefile     Fri May 27 14:02:23 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.27 2004/12/28 02:47:47 reed Exp $
+# $NetBSD: Makefile,v 1.27.2.1 2005/05/27 14:02:23 salo Exp $
 
 DISTNAME=      net-snmp-5.1.2
-PKGREVISION=   3
+PKGREVISION=   4
 CATEGORIES=    net
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=net-snmp/} \
                ftp://ftp.net-smnp.org/pub/sourceforge/net-snmp/
diff -r 1ad128b086bc -r f7ba2c50b46a net/net-snmp/buildlink3.mk
--- a/net/net-snmp/buildlink3.mk        Fri May 27 13:41:22 2005 +0000
+++ b/net/net-snmp/buildlink3.mk        Fri May 27 14:02:23 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.3 2004/11/05 10:33:07 seb Exp $
+# $NetBSD: buildlink3.mk,v 1.3.4.1 2005/05/27 14:02:23 salo Exp $
 
 BUILDLINK_DEPTH:=              ${BUILDLINK_DEPTH}+
 NET_SNMP_BUILDLINK3_MK:=       ${NET_SNMP_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
 
 .if !empty(NET_SNMP_BUILDLINK3_MK:M+)
 BUILDLINK_DEPENDS.net-snmp+=   net-snmp>=5.0.9nb3
-BUILDLINK_RECOMMENDED.net-snmp+=       net-snmp>=5.1.2nb2
+BUILDLINK_RECOMMENDED.net-snmp+=       net-snmp>=5.1.2nb4
 BUILDLINK_PKGSRCDIR.net-snmp?= ../../net/net-snmp
 .endif # NET_SNMP_BUILDLINK3_MK
 
diff -r 1ad128b086bc -r f7ba2c50b46a net/net-snmp/distinfo
--- a/net/net-snmp/distinfo     Fri May 27 13:41:22 2005 +0000
+++ b/net/net-snmp/distinfo     Fri May 27 14:02:23 2005 +0000
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.13 2005/02/24 12:13:54 agc Exp $
+$NetBSD: distinfo,v 1.13.2.1 2005/05/27 14:02:23 salo Exp $
 
 SHA1 (net-snmp-5.1.2.tar.gz) = cf82a86d1b44408890cabe471181b62049cb11d0
 RMD160 (net-snmp-5.1.2.tar.gz) = e5d50e22dbf59ee75e236abb7359e95d4fc4b6f2
 Size (net-snmp-5.1.2.tar.gz) = 3253579 bytes
 SHA1 (patch-aa) = df9bcea942743e9bcd843724612b7d82ea364eca
+SHA1 (patch-ab) = 7e0fc7f52e3947d589bed850e847bd89e8daec1d
 SHA1 (patch-ac) = 43dbf5519feac2a13b893f659090fa24de773ee8
 SHA1 (patch-ad) = 522872c90ac1e442dafb1d210af6e978ac741ce9
 SHA1 (patch-ae) = 122cd63fcdfa01e94083a9f635c3c46d364a0237
diff -r 1ad128b086bc -r f7ba2c50b46a net/net-snmp/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-ab     Fri May 27 14:02:23 2005 +0000
@@ -0,0 +1,180 @@
+$NetBSD: patch-ab,v 1.4.6.1 2005/05/27 14:02:23 salo Exp $
+
+--- local/fixproc.orig 2002-04-20 08:30:13.000000000 +0100
++++ local/fixproc      2005-05-25 14:36:18.000000000 +0100
+@@ -129,6 +129,8 @@
+ #
+ # Timothy Kong                3/1995
+ 
++use File::Temp qw(tempfile);
++
+ $database_file = '/local/etc/fixproc.conf';
+ 
+ $debug = 0;                   # specify debug level using -dN
+@@ -191,20 +193,19 @@
+ sub create_sh_script
+ {
+   local ($file) = pop (@_);
++  local ($fh) = pop (@_);
+   local ($i) = pop (@_);
+ 
+-  printf (stderr "create_sh_script\n") if ($debug > 0);
++  printf (STDERR "create_sh_script\n") if ($debug > 0);
+ 
+   $! = $fixproc_error;
+-  open (file, ">"."$file") || die "$0: cannot open $file\n";
+   while ( $shell_lines[$i] ne $shell_end_marker )
+     {
+-      printf (file "%s", $shell_lines[$i]);
++      printf ($fh "%s", $shell_lines[$i]);
+       $i++;
+     }
+-  close (file);
+-  system "chmod +x $file";
+-  return file;
++  close ($fh);
++  chmod 0755, $file;
+ }
+ 
+ 
+@@ -212,7 +213,7 @@
+ {
+   local ($proc) = pop(@_);
+ 
+-  printf (stderr "do_fix\n") if ($debug > 0);
++  printf (STDERR "do_fix\n") if ($debug > 0);
+ 
+   if ($fix{$proc} eq '')
+     {
+@@ -230,14 +231,13 @@
+   else
+     {
+       # it must be "shell", so execute the shell script defined in database
++      local ($tmpfh, $tmpfile) = tempfile("fix_XXXXXXXX", DIR => "/tmp");
+ 
+-      local ($tmpfile) = "/tmp/fix_$$";
+-
+-      &create_sh_script ($fix{$proc}, $tmpfile);
++      &create_sh_script ($fix{$proc}, $tmpfh, $tmpfile);
+ 
+               # return code is number divided by 256
+       $error_code = (system "$tmpfile") / 256;
+-      system "rm $tmpfile";
++      unlink($tmpfile);
+       return ($fix_failed_error) if ($error_code != 0);
+         # sleep needed here?
+       return &do_exist ($proc);
+@@ -249,7 +249,7 @@
+ {
+   local ($proc) = pop(@_);
+ 
+-  printf (stderr "do_check\n") if ($debug > 0);
++  printf (STDERR "do_check\n") if ($debug > 0);
+ 
+   if ($check{$proc} eq '')
+     {
+@@ -262,13 +262,13 @@
+       # if not "exist", then it must be "shell", so execute the shell script
+       # defined in database
+ 
+-      local ($tmpfile) = "/tmp/check_$$";
++      local ($tmpfh, $tmpfile) = tempfile("check_XXXXXXXX", DIR => "/tmp");
+ 
+-      &create_sh_script ($check{$proc}, $tmpfile);
++      &create_sh_script ($fix{$proc}, $tmpfh, $tmpfile);
+ 
+               # return code is number divided by 256
+       $error_code = (system "$tmpfile") / 256;
+-      system "rm $tmpfile";
++      unlink($tmpfile);
+       return ($check_failed_error) if ($error_code != 0);
+ 
+       # check passed, continue
+@@ -281,13 +281,13 @@
+ {
+   local ($proc) = pop(@_);
+ 
+-  printf (stderr "do_exist\n") if ($debug > 0);
++  printf (STDERR "do_exist\n") if ($debug > 0);
+ 
+   # do ps, check to see if min <= no. of processes <= max
+   $! = $fixproc_error;
+-  open (command, "/bin/ps -e | /bin/grep $proc | /bin/wc -l |")
++  open (COMMAND, "/bin/ps -e | /bin/grep $proc | /bin/wc -l |")
+     || die "$0: can't run ps-grep-wc command\n";
+-  $proc_count = <command>;
++  $proc_count = <COMMAND>;
+   if (($proc_count < $min{$proc}) || ($proc_count > $max{$proc}))
+     {
+       return $check_failed_error;
+@@ -301,13 +301,13 @@
+   local ($proc) = pop(@_);
+   local ($second_kill_needed);
+ 
+-  printf (stderr "do_kill\n") if ($debug > 0);
++  printf (STDERR "do_kill\n") if ($debug > 0);
+ 
+   # first try kill
+   $! = $fixproc_error;
+-  open (command, "/bin/ps -e | /bin/grep $proc |")
++  open (COMMAND, "/bin/ps -e | /bin/grep $proc |")
+     || die "$0: can't run ps-grep-awk command\n";
+-  while (<command>)
++  while (<COMMAND>)
+     {
+       # match the first field of ps -e
+       $! = $fixproc_error;
+@@ -318,10 +318,10 @@
+   # if process still exist, try kill -9
+   sleep 2;
+   $! = $fixproc_error;
+-  open (command, "/bin/ps -e | /bin/grep $proc |")
++  open (COMMAND, "/bin/ps -e | /bin/grep $proc |")
+     || die "$0: can't run ps-grep-awk command\n";
+   $second_kill_needed = 0;
+-  while (<command>)
++  while (<COMMAND>)
+     {
+       # match the first field of ps -e
+       $! = $fixproc_error;
+@@ -334,9 +334,9 @@
+   # see if kill -9 worked
+   sleep 2;
+   $! = $fixproc_error;
+-  open (command, "/bin/ps -e | /bin/grep $proc |")
++  open (COMMAND, "/bin/ps -e | /bin/grep $proc |")
+     || die "$0: can't run ps-grep-awk command\n";
+-  while (<command>)
++  while (<COMMAND>)
+     {                         # a process still exist, return error
+       return $cannot_kill_error;
+     }
+@@ -349,7 +349,7 @@
+   local ($proc) = pop(@_);
+   local ($error_code);
+ 
+-  printf (stderr "do_restart\n") if ($debug > 0);
++  printf (STDERR "do_restart\n") if ($debug > 0);
+ 
+   $error_code = &do_kill ($proc);
+   return $error_code if ($error_code != $no_error);
+@@ -369,7 +369,7 @@
+   local ($proc) = pop(@_);
+   local ($error_code);
+ 
+-  printf (stderr "work_on_proc\n") if ($debug > 0);
++  printf (STDERR "work_on_proc\n") if ($debug > 0);
+ 
+   if ($cmd_line_action eq '')
+     {
+@@ -475,8 +475,8 @@
+   local ($str2);
+ 
+   $! = $fixproc_error;
+-  open (db, $database_file) || die 'cannot open database file $database_file\n';
+-  while (<db>)
++  open (DB, $database_file) || die 'cannot open database file $database_file\n';
++  while (<DB>)
+     {
+       if ((! /\S/) || (/^[ \t]*#.*$/))
+       {
Prev by Date: [pkgsrc/pkgsrc-2005Q1]: pkgsrc/doc #519
Next by Date: [pkgsrc/pkgsrc-2005Q1]: pkgsrc/doc #513
Previous by Thread: [pkgsrc/pkgsrc-2005Q1]: pkgsrc/doc #519
Next by Thread: [pkgsrc/pkgsrc-2005Q1]: pkgsrc/doc #513
Indexes:
Home | Main Index | Thread Index | Old Index